image

Emailed Payslips - Security Issues

  • Using the internet for anything exposes you to certain risks, although those risks are often misunderstood or overstated.
  • There are two types of risk related to emailing your payslips which we would call technical risk and people risk. We cover both of those on this page.

Technical Risk

  • In order to send emailed payslips, Ace Payroll creates a file on your computer. The file is not on the internet and is no more or less "at risk" than literally any other file on your computer.
  • When you click GO to confirm the sending of your emailed payslips, the contents of this file are then sent through the internet to the employees.
  • In other words, the technical risks now are unchanged from what they are if you don't email payslips. At no stage is your payroll "online" and if in the past you've used Ace Payroll whilst on the internet you were exposed to exactly the same "risks" that you are now.
  • Of course, some of our customers would never dream of having their payroll and accounting programs on a computer with internet access - something we can relate to. For clients in this category, they will not be able to email payslips.
  • In summary, any use of the internet exposes you to a small risk of hackers, unwanted downloads etc. Emailing your payslips does not in any way increase these risks and is exactly equivalent to either doing your direct credits electronically, or using ir-file - you are creating a file that is stored on your computer, then sending the chosen file to someone using the internet.

People Risk

  • The real risks with emailing payslips are not technical, but human factors.
  • Truth be told, most of these risks exist with printed payslips too, but, you should be aware of them before using the routine.
  • The first risk is that you type an incorrect email address into Ace Payroll and a payslip gets sent to the wrong person. This is equivalent to typing in an incorrect postal address and posting a payslip to the wrong person, so can only be eliminated by checking and care.
  • The second risk is that your employee, having received the emailed payslip, decides to forward it to other email addresses. This risk also exists in the real world - many employers would have had issues with payslips getting into the wrong hands, being compared etc. The only thing to remember is that information sharing is a lot quicker with the internet.
  • With a printed payslip, your employee could choose to show it to a few other people. With emailed payslips, he could easily forward it to one thousand people very quickly (why he would choose to do this escapes us, however).
  • The third risk is that, for want of a better term, the "boogey man" somehow gets to look at one of your emailed payslips.
  • In the context of emailed payslips, the "boogey man" would be an employee at your internet service provider, or another internet service provider, or your network administrator, or, in a far fetched scenario, some Romanian hacker who has access to your employee's email address.
  • While these risks are real, we rate them as equivalent to the risks of a New Zealand Post worker, your mail clerk, a disgruntled employee, your employee's neighbour etc managing to get hold of a printed payslip, which they can do in numerous ways.
  • In theory, there are ways you can make email much more secure. In practice, this often has the side effect of increasing the very small risk that a bored geek at your internet service provider decides to snoop on your emails.
  • In summary, human risks associated with emailing payslips are the same risks you face by printing them, but, should someone (most likely an employee) decide to share the confidential information, the internet allows it to be shared much more quickly and to a worldwide audience.
  • The only way to completely eliminate this risk is to not email payslips.

More on Emailed Payslips

Emailed Payslips - Overview
An overview of emailing payslips from Ace Payroll more..
Emailed Payslips Using Telecom
Telecom are changing their service from 30th September 2014 more..
Company Setup
Setting up your system for emailing payslips more..
Employee Setup
Setting up an employee to receive emailed payslips more..
Regular Payslip Report
The Regular Payslip Report is shown prior to producing a batch of regular payslips for your employees more..
Send Queued Emails
Emails are added to the queue of emails to be sent more..
Security Issues
Using the internet for anything exposes you to certain risks, although those risks are often misunderstood or overstated more..
Norton Internet Security
Error 11011 can be caused by Norton Internet Security and other Norton products when sending outgoing email from Ace Payroll more..
McAfee VirusScan 8
Error 10053 can be caused by McAfee VirusScan Enterprise 8 when sending outgoing email from Ace Payroll more..
Microsoft Exchange Server
All clients we have encountered with Microsoft Exchange Server have failed in their initial attempt to email payslips having struck one or both of the two issues described more..
Internet Provider Settings
For Ace Payroll to correctly send emailed payslips, it needs to know your internet provider settings more..
Alphabetical Index
The Ace Payroll alphabetical index provides links to all documentation more..
Ace Payroll FAQ Contents
All the most common Ace Payroll questions grouped by categories in a short table of key words more..
Ace Payroll Frequently Asked Questions
All the most common questions we are asked at Ace Payroll listed in a question format and grouped by category more..